Click here to request your free 14-day trial of Cisco Umbrella through NetCraftsmen today!

1/28
2016
Terry Slattery

Network Field Day 11: NetScout Takes the Pulse of the Network

NetScout, well known for its high-performance network monitoring systems, has entered the application performance monitoring market with a probe-based system called TruView Live that uses a probe named Pulse. Watch the NFD11 presentations by NetScout. The probes create synthetic transactions for web, VOIP, and video traffic. The physical probes are Linux-based processors that are powered via a PoE connection, making them small and easy to deploy. Of course, you have to have PoE switches for them to work out of the box. Separate voice VLANs are properly handled properly, but only SIP voice is currently supported (no Cisco Skinny protocol).

The Advantages of Probes

I like probe-based systems because they can be easily deployed and provide good visibility into problems that affect applications. Many customers are more successful with application probes than they are with complex network monitoring systems. However, like any network management system, it does require that someone manage the probe locations, monitor the reports, and take corrective action when a problem is reported.

The Pulse is useful in networks where visibility is limited or nonexistent. A VM version is available for installation in public cloud deployments. Monitoring the traffic between the corporate network and the public cloud provides another level of visibility over networks and infrastructure that other tools cannot monitor. Probes are also useful where the application traffic may not be present at all times. Tests can be run during times when the real applications are not running. So VOIP connectivity to remote sites can be checked even when no one is at the site.

TruView also provides about 10 probe sites located around the world from which customers can configure tests to monitor their web infrastructure. Being able to monitor from multiple sites is a very useful feature and should be expanded to additional sites worldwide.

The Disadvantages of Probes

One of the biggest problems with probes is keeping the software updated. NetScout eliminates this disadvantage by creating a process in which the probes perform automatic updates.

Installation and power are another common problem. The Pulse is a very small form factor, avoiding the problem of mounting and power that larger probes present.

Suggestions for NetScout

The NetScout Pulse comes in a small box that includes the hardware and a pair of AA batteries that power the unit when doing an initial installation where PoE isn’t available. The batteries do not last very long, so a PoE connection is required for any real monitoring. There should be an option to order the Pulse with an Ethernet power injector for sites where the switch infrastructure doesn’t provide PoE. Otherwise, the customer must be aware of the need for PoE and must procure power injectors from another source.

The Pulse has a unique code that must be input to the NetScout portal to enable the device. But upon looking at the exterior of the box, there was no corresponding barcode that matched the device’s code. A customer who orders tens or hundreds of Pulse probes will have to use a manual process to enter all the codes. An external bar code and a process for entering probe IDs in bulk are going to be critical for large unit sales.

As mentioned in the disadvantages above, the web server that runs on the Pulse should be secured with at least a self-signed certificate, so that connections to the Pulse are encrypted. In modern security-conscious environments, it is important to take every security step possible.

NetScout should add more protocols, such as mail and ping, the latter of which was conspicuous by its absence. The existing traceroute functionality should be enhanced to show changes in the path over time, which may indicate that a network problem is due to a path change.

Summary

None of the above suggestions are show-stopper problems and its advantages outweigh the disadvantages. The current Pulse has some of the symptoms of a new product. It will be interesting to see how quickly NetScout moves forward with improvements.

For a conversation about your own organization’s network and application monitoring needs, feel free to reach out.

Disclaimer: The vendors at NFD11 do not pay delegates for blog posts. They paid indirectly for my travel and lodging to attend NFD11.

Terry Slattery

Terry Slattery

Principal Architect

Terry Slattery is a Principal Architect at NetCraftsmen, an advanced network consulting firm that specializes in high-profile and challenging network consulting jobs. Terry is currently working on network management, SDN, business strategy consulting, and interesting legal cases. He is the founder of Netcordia, inventor of NetMRI, has been a successful technology innovator in networking during the past 20 years, and is co-inventor on two patents. He has a long history of network consulting and design work, including some of the first Cisco consulting and training. As a consultant to Cisco, he led the development of the current Cisco IOS command line interface. Prior to Netcordia, Terry founded Chesapeake Computer Consultants, which became a Cisco premier training and consulting partner. At Chesapeake, he co-invented and patented the v-LAB system to provide hands-on access to real hardware for the hands-on component of internetwork training classes. Terry co-authored the successful McGraw-Hill text "Advanced IP Routing in Cisco Networks," is the second CCIE (1026) awarded, and is a regular speaker at Enterprise Connect and Interop. He currently blogs at TechTarget, No Jitter and our very own NetCraftsmen.

View more Posts

 

Nick Kelly

Cybersecurity Engineer, Cisco

Nick has over 20 years of experience in Security Operations and Security Sales. He is an avid student of cybersecurity and regularly engages with the Infosec community at events like BSides, RVASec, Derbycon and more. The son of an FBI forensics director, Nick holds a B.S. in Criminal Justice and is one of Cisco’s Fire Jumper Elite members. When he’s not working, he writes cyberpunk and punches aliens on his Playstation.

 

Virgilio “BONG” dela Cruz Jr.

CCDP, CCNA V, CCNP, Cisco IPS Express Security for AM/EE
Field Solutions Architect, Tech Data

Virgilio “Bong” has sixteen years of professional experience in IT industry from academe, technical and customer support, pre-sales, post sales, project management, training and enablement. He has worked in Cisco Technical Assistance Center (TAC) as a member of the WAN and LAN Switching team. Bong now works for Tech Data as the Field Solutions Architect with a focus on Cisco Security and holds a few Cisco certifications including Fire Jumper Elite.

 

John Cavanaugh

CCIE #1066, CCDE #20070002, CCAr
Chief Technology Officer, Practice Lead Security Services, NetCraftsmen

John is our CTO and the practice lead for a talented team of consultants focused on designing and delivering scalable and secure infrastructure solutions to customers across multiple industry verticals and technologies. Previously he has held several positions including Executive Director/Chief Architect for Global Network Services at JPMorgan Chase. In that capacity, he led a team managing network architecture and services.  Prior to his role at JPMorgan Chase, John was a Distinguished Engineer at Cisco working across a number of verticals including Higher Education, Finance, Retail, Government, and Health Care.

He is an expert in working with groups to identify business needs, and align technology strategies to enable business strategies, building in agility and scalability to allow for future changes. John is experienced in the architecture and design of highly available, secure, network infrastructure and data centers, and has worked on projects worldwide. He has worked in both the business and regulatory environments for the design and deployment of complex IT infrastructures.